Internet Association believes in the power of cloud computing to improve government processes and maximize the impact of each taxpayer dollar. IA is proud to represent world-class cloud providers with a relentless focus on helping federal, state, and local governments do just that. That’s why it was disappointing to see the Securities and Exchange Commission (SEC) recently issue a Request for Information that failed to even acknowledge the possibility of a cloud-first approach.
Since 2011, the Cloud First policy for government procurement has directed U.S. agencies to prioritize secure cloud solutions when making new investments. This mandate reflects the fact that leading cloud providers offer best-in-class capabilities for achieving not only cost savings and efficiency gains, but real security advantages. It is therefore no surprise that Congress doubled down on the cloud push with 2014 legislation, or that the current administration is embracing public cloud services as it pursues urgent cybersecurity goals.
But cloud adoption still lags across federal departments and independent agencies. While this transition may at one time have seemed daunting, today it is clear that the true costs and risks lay in failing to move forward.
Public cloud solutions from federally-certified providers enable agencies to focus on their missions even as they improve asset utilization, consolidate duplicative systems, and gain speed and agility in provisioning IT resources. They allow agencies to benefit from private sector innovation while removing barriers to their own experimentation and erasing constraints around limited or inflexible technical capacity. And this typically occurs as costs fall, a key objective given growing public dismay that too much of the federal government’s $80 billion-plus IT budget is spent simply maintaining obsolete systems.
Today it is well understood that leading cloud providers offer superior built-in compliance and audit controls, continuous security upgrades, and a wealth of industry-recognized certifications. The size and scale of these vendors also ensures constant security innovation and protection against attacks that would cripple a smaller network of data centers.
Both public and private entities like the CIA and Financial Industry Regulatory Authority (FINRA) have turned to commercial cloud providers for this very reason. FINRA, a private body protecting investors from fraud and other wrongdoing in the securities industry, relies on these tools to securely process 37 billion records each day. FINRA’s move is part of a wider push into the cloud by the financial services industry and its overseers. These groups often manage vast quantities of sensitive information and come under frequent cyber-attack. Rather than go it alone, they have endorsed the security and operational gains offered by public cloud options.
Federal agencies managing similar data sets ought to take note. As they plan their own cloud transitions and structure solicitations, these bodies must also favor outcomes-based targets over needlessly prescriptive dictates. Government clients should always request adequate documentation and be able to structure cloud-hosted applications and data based on their unique risk management priorities. But dictating technical procedures from the start prevents industry from achieving the desired ends through proven best practices.
As expectations rise and budgets shrink, agencies can no longer afford to simply default to yesterday’s technology. Public cloud solutions offer a compelling answer. Those planning IT expansions owe it to their internal stakeholders and to the taxpayer to closely consider them.